Техническая информация
- Автозапуск через ключ реестра Run: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Inic' = '%TEMP%\inst.bat'
- Запуск процесса: '<SYSTEM32>\rundll32.exe' "%TEMP%\my0092.dll",dlgProc
- Запуск процесса: '<SYSTEM32>\cmd.exe' /c %TEMP%\inst.bat
- Файл во временном каталоге: %TEMP%\inst.bat
- Файл во временном каталоге: %TEMP%\my0092.rar
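- Сетевое соединение (хост:порт; символы «#», по-видимому, скрывают часть имени): 'al#########s001-001-site1.btempurl.com':80
- Сетевое соединение (хост:порт): 'bl########p-001-site1.btempurl.com':80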
- URL HTTP-запроса: http://al#########s001-001-site1.btempurl.com/desktop/
- URL HTTP-запроса: http://bl########p-001-site1.btempurl.com/my0092.rar
- DNS ASK al#########s001-001-site1.btempurl.com
- DNS ASK bl########p-001-site1.btempurl.com
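- Окно (предположительно, образец ищет его по классу): ClassName: 'MS_WINHELP' WindowName: ''
- Окно (предположительно, образец ищет его по классу): ClassName: 'Shell_TrayWnd' WindowName: ''
- Окно (предположительно, образец ищет его по классу): ClassName: 'Indicator' WindowName: ''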